If you made any changes in Pure, your changes will be visible here soon.

Research Output 2012 2019

  • 200 Citations
  • 6 h-Index
  • 19 Conference contribution
  • 2 Editorial
  • 1 Article
Filter
Conference contribution
2019

BinTrimmer: Towards static binary debloating through abstract interpretation

Redini, N., Wang, R., Machiry, A., Shoshitaishvili, Y., Vigna, G. & Kruegel, C., Jan 1 2019, Detection of Intrusions and Malware, and Vulnerability Assessment - 16th International Conference, DIMVA 2019, Proceedings. Maurice, C., Giacinto, G., Perdisci, R., Almgren, M. & Perdisci, R. (eds.). Springer Verlag, p. 482-501 20 p. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); vol. 11543 LNCS).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract Interpretation
Binary
Acoustic waves
Engineers
Interval

Bootkeeper: Validating software integrity properties on boot firmware images

Chevalier, R., Cristalli, S., Hauser, C., Shoshitaishvili, Y., Wang, R., Kruegel, C., Vigna, G., Bruschi, D. & Lanzi, A., Mar 13 2019, CODASPY 2019 - Proceedings of the 9th ACM Conference on Data and Application Security and Privacy. Association for Computing Machinery, Inc, p. 315-325 11 p. (CODASPY 2019 - Proceedings of the 9th ACM Conference on Data and Application Security and Privacy).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Open Access
Firmware
Static analysis
Specifications
2018

A binary analysis approach to retrofit security in input parsing routines

Menon, J., Hauser, C., Shoshitaishvili, Y. & Schwab, S., Aug 2 2018, Proceedings - 2018 IEEE Symposium on Security and Privacy Workshops, SPW 2018. Institute of Electrical and Electronics Engineers Inc., p. 306-322 17 p. 8424665

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Firmware
Data storage equipment

AIM-SDN: Aacking information mismanagement in SDN-datastores

Dixit, V. H., Doupe, A., Shoshitaishvili, Y., Zhao, Z. & Ahn, G-J., Oct 15 2018, CCS 2018 - Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security. Association for Computing Machinery, p. 664-676 13 p.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Network management
Critical infrastructures
Controllers
Cloud computing
Information management

CacheLight: Defeating the cachekit attack

Gutierrez, M., Zhao, Z., Doupe, A., Shoshitaishvili, Y. & Ahn, G-J., Oct 15 2018, ASHES 2018 - Proceedings of the 2018 Workshop on Attacks and Solutions in Hardware Security, co-located with CCS 2018. Association for Computing Machinery, p. 65-74 10 p.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Data storage equipment
Inspection
Hardware
Malware
Hardware security
1 Citation (Scopus)

Challenges and preparedness of SDN-based firewalls

Dixit, V. H., Kyung, S., Zhao, Z., Doupe, A., Shoshitaishvili, Y. & Ahn, G-J., Mar 14 2018, SDN-NFVSec 2018 - Proceedings of the 2018 ACM International Workshop on Security in Software Defined Networks and Network Function Virtualization, Co-located with CODASPY 2018. Association for Computing Machinery, Inc, Vol. 2018-January. p. 33-38 6 p.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Cost effectiveness
Scalability
Controllers
Industry
12 Citations (Scopus)

T-Fuzz: Fuzzing by Program Transformation

Peng, H., Shoshitaishvili, Y. & Payer, M., Jul 23 2018, Proceedings - 2018 IEEE Symposium on Security and Privacy, SP 2018. Institute of Electrical and Electronics Engineers Inc., Vol. 2018-May. p. 697-710 14 p. 8418632

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Processing
2017
2 Citations (Scopus)

Angr - The Next Generation of Binary Analysis

Wang, F. & Shoshitaishvili, Y., Oct 20 2017, Proceedings - 2017 IEEE Cybersecurity Development Conference, SecDev 2017. Institute of Electrical and Electronics Engineers Inc., p. 8-9 2 p. 8077799

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Defects
Testing
Industry
6 Citations (Scopus)

Difuze: Interface aware fuzzing for kernel drivers

Corina, J., MacHiry, A., Salls, C., Shoshitaishvili, Y., Hao, S., Kruegel, C. & Vigna, G., Oct 30 2017, CCS 2017 - Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security. Association for Computing Machinery, p. 2123-2138 16 p.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Hard disk storage
Smartphones
Bluetooth
Digital cameras
Static analysis
1 Citation (Scopus)

How Shall We Play a Game? A Game-theoretical Model for Cyber-warfare Games

Bao, T., Shoshitaishvili, Y., Wang, R., Kruegel, C., Vigna, G. & Brumley, D., Sep 25 2017, Proceedings - IEEE 30th Computer Security Foundations Symposium, CSF 2017. IEEE Computer Society, p. 7-21 15 p. 8049648

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Military operations
Game theory
Decision making
1 Citation (Scopus)

Piston: Uncooperative remote runtime patching

Salls, C., Shoshitaishvili, Y., Stephens, N., Kruegel, C. & Vigna, G., Dec 4 2017, Proceedings - 33rd Annual Computer Security Applications Conference, ACSAC 2017. Association for Computing Machinery, Vol. Part F132521. p. 141-153 13 p.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Pistons
Binary codes
Data storage equipment
6 Citations (Scopus)

Rise of the HaCRS: Augmenting autonomous cyber reasoning systems with human assistance

Shoshitaishvili, Y., Weissbacher, M., Dresel, L., Salls, C., Wang, R., Kruegel, C. & Vigna, G., Oct 30 2017, CCS 2017 - Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security. Association for Computing Machinery, p. 347-362 16 p.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Defects
Human engineering
Automation
Personnel
7 Citations (Scopus)

Your Exploit is Mine: Automatic Shellcode Transplant for Remote Exploits

Bao, T., Wang, R., Shoshitaishvili, Y. & Brumley, D., Jun 23 2017, 2017 IEEE Symposium on Security and Privacy, SP 2017 - Proceedings. Institute of Electrical and Electronics Engineers Inc., p. 824-839 16 p. 7958612

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Transplants
Remediation
Data storage equipment
2016
122 Citations (Scopus)

SOK: (State of) the Art of War: Offensive Techniques in Binary Analysis

Shoshitaishvili, Y., Wang, R., Salls, C., Stephens, N., Polino, M., Dutcher, A., Grosen, J., Feng, S., Hauser, C., Kruegel, C. & Vigna, G., Aug 16 2016, Proceedings - 2016 IEEE Symposium on Security and Privacy, SP 2016. Institute of Electrical and Electronics Engineers Inc., p. 138-157 20 p. 7546500

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Binary codes
Data structures
2 Citations (Scopus)

Taming transactions: Towards hardware-assisted control flow integrity using transactional memory

Muench, M., Pagani, F., Shoshitaishvili, Y., Kruegel, C., Vigna, G. & Balzarotti, D., Jan 1 2016, Research in Attacks, Intrusions, and Defenses - 19th International Symposium, RAID 2016, Proceedings. Dacier, M., Monrose, F., Blanc, G. & Garcia-Alfaro, J. (eds.). Springer Verlag, p. 24-48 25 p. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); vol. 9854 LNCS).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Transactional Memory
Flow Control
Flow control
Integrity
Computer hardware
2014
4 Citations (Scopus)

Do you feel lucky? A large-scale analysis of risk-rewards trade-offs in cyber security

Shoshitaishvili, Y., Invernizzi, L., Doupe, A. & Vigna, G., 2014, Proceedings of the ACM Symposium on Applied Computing. Association for Computing Machinery, p. 1649-1656 8 p.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Spamming
Students
Crime
Electronic mail
Security of data
6 Citations (Scopus)

PExy: The other side of exploit kits

De Maio, G., Kapravelos, A., Shoshitaishvili, Y., Kruegel, C. & Vigna, G., Jan 1 2014, Detection of Intrusions and Malware, and Vulnerability Assessment - 11th International Conference, DIMVA 2014, Proceedings. Springer Verlag, p. 132-151 20 p. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); vol. 8550 LNCS).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Server
Servers
Static Analysis
Trigger
Trivial
5 Citations (Scopus)

Protecting web-based single sign-on protocols against relying party impersonation attacks through a dedicated bi-directional authenticated secure channel

Cao, Y., Shoshitaishvili, Y., Borgolte, K., Kruegel, C., Vigna, G. & Chen, Y., Jan 1 2014, Research in Attacks, Intrusions, and Defenses - 17th International Symposium, RAID 2014, Proceedings. Springer Verlag, p. 276-298 23 p. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); vol. 8688 LNCS).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Single Sign-on
Web-based
Attack
Network protocols
Vulnerability
2012
24 Citations (Scopus)

Blacksheep: Detecting compromised hosts in homogeneous crowds

Bianchi, A., Shoshitaishvili, Y., Kruegel, C. & Vigna, G., Nov 26 2012, CCS'12 - Proceedings of the 2012 ACM Conference on Computer and Communications Security. p. 341-352 12 p.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Data storage equipment
Image acquisition
Cloud computing
Malware
Virtual machine